Applicability of the QUIC Transport Protocoldraft-kuehlewind-quic-applicability-00

Network Working Group M. Kuehlewind
Internet-Draft B. Trammell
Intended status: Informational ETH Zurich
Expires: September 9, 2017 March 08, 2017
Applicability of the QUIC Transport Protocoldraft-kuehlewind-quic-applicability-00
Abstract
This document discusses the applicability of the QUIC transport
protocol, focusing on caveats impacting application protocol
development and deployment over QUIC. Its intended audience is
designers of application protocol mappings to QUIC, and implementors
of these application protocols.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 9, 2017.
Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Kuehlewind & Trammell Expires September 9, 2017 [Page 1]

Internet-DraftApplicability of the QUIC Transport Protocol March 20172. The Necessity of Fallback
QUIC uses UDP as a substrate for userspace implementation and port
numbers for NAT and middlebox traversal. While there is no evidence
of widespread, systematic disadvantage of UDP traffic compared to TCP
in the Internet [Edeline16], somewhere between three [Trammell16] and
five [Swett16] percent of networks simply block UDP traffic. All
applications running on top of QUIC must therefore either be prepared
to accept connectivity failure on such networks, or be engineered to
fall back to some other transport protocol. This fallback SHOULD
provide TLS 1.3 or equivalent cryptographic protection, if available,
in order to keep fallback from being exploited as a downgrade attack.
In the case of HTTP, this fallback is TLS 1.3 over TCP.
These applications must operate, perhaps with impaired functionality,
in the absence of features provided by QUIC not present in the
fallback protocol. For fallback to TLS over TCP, the most obvious
difference is that TCP does not provide stream multiplexing and
therefore stream multiplexing would need to be implemented in the
application layer if needed. Further, TCP by default does not
support 0-RTT session resumption. TCP Fast Open could be used, but
might no be supported by the far end or could be blocked on the
network path. Note that there is some evidence of middleboxes
blocking SYN data even if TFO was successfully negotiated (see
[PaaschNanog]). Moreover, while encryption (in this case TLS) is
inseparable integrated with QUIC, TLS negotiation over TCP can be
blocked. In case it is RECOMMENDED to abort the connection, allowing
the application to present a suitable prompt to the user that secure
communication is unavailable.
We hope that the deployment of a proposed standard version of the
QUIC protocol will provide an incentive for these networks to permit
QUIC traffic. Indeed, the ability to treat QUIC traffic statefully
as discussed in section 3.1 of [draft-kuehlewind-quic-manageability]
would remove one network management incentive to block this traffic.
3. Zero RTT: Here There Be Dragons
QUIC provides for 0-RTT connection establishment (see section 3.2 of
[I-D.ietf-quic-transport]). However, data in the frames contained in
the first packet of a such a connection must be treated specially by
the application layer. Since a retransmission of these frames
resulting from a lost acknowledgment may cause the data to appear
twice, either the application-layer protocol has to be designed such
that all such data is treated as idempotent, or there must be some
application-layer mechanism for recognizing spuriously retransmitted
frames and dropping them.
Kuehlewind & Trammell Expires September 9, 2017 [Page 3]

Internet-DraftApplicability of the QUIC Transport Protocol March 2017
Applications that cannot treat data that may appear in a 0-RTT
connection establishment as idempotent MUST NOT use 0-RTT
establishment. For this reason the QUIC transport SHOULD provide an
interface for the application to indicate if 0-RTT support is in
general desired or a way to indicate if data is idempotent.
4. Stream versus Flow Multiplexing
QUIC's stream multiplexing feature allows applications to run
multiple streams over a single connection, without head-of-line
blocking between streams, associated at a point in time with a single
five-tuple. Streams are meaningful only to the application; since
stream information is carried inside QUIC's encryption boundary, no
information about the stream(s) whose frames are carried by a given
packet is visible to the network.
Stream multiplexing is not intended to be used for differentiating
streams in terms of network treatment. Application traffic requiring
different network treatment SHOULD therefore be carried over
different five-tuples (i.e. multiple QUIC connections). Given
QUIC's ability to send application data on the first packet of a
connection (if a previous connection to the same host has been
successfully established to provide the respective credentials), the
cost for establishing another connection are extremely low.
[EDITOR'S NOTE: For discussion: If establishing a new connection does
not seem to be sufficient, the protocol's rebinding functionality
(see section 3.7 of [I-D.ietf-quic-transport]) could be extended to
allow multiple five-tuples to share a connection ID simultaneously,
instead of sequentially.]
5. Prioritization
Stream prioritization is not exposed to the network, nor to the
receiver. Prioritization can be realized by the sender and the QUIC
transport should provide and interface for applications to prioritize
streams [I-D.ietf-quic-transport].
Priority handling of retransmissions may be implemented in the
transport layer and [I-D.ietf-quic-transport] does not specify a
specific way how this must be handled. Currently QUIC only provides
fully reliable stream transmission, and as such prioritization of
retransmission is likely beneficial. For not fully reliable streams
priority scheduling of retransmissions over data of higher-priority
streams might not be desired. In this case QUIC could also provide
an interface or derive the prioritization decision from the
reliability level of the stream.
Kuehlewind & Trammell Expires September 9, 2017 [Page 4]

Internet-DraftApplicability of the QUIC Transport Protocol March 20176. Graceful connection closure
[EDITOR'S NOTE: give some guidance here about the steps an
application should take; however this is still work in progress]
7. Information exposure and the Connection ID
QUIC exposed some information to the network in the unencrypted part
of the header. This is either because there is no encryption context
established yet or because this information is intended to be
consumed by the network. Some of these information can be optionally
exposed (still under discussion). Given that exposing these
information can have privacy implications, an application may
indicate to not support exposure of certain information.
In case of the connection ID this can be the case if the application
has additional information that the client is not behind a NAT and
the server is not behind a load balancer, and therefore it is
unlikely that the addresses will be re-binded.
8. Use of Versions and Cryptographic Handshake
Versioning in QUIC may change the whole protocol behavior, beside
some header fields that have been declared to be fixed. As such a
new or higher version of QUIC does not necessarily provide a better
service but just a very different service, an application needs to be
able to select which versions of QUIC it wants to use.
The use of a different encryption scheme than TLS1.3 or higher needs
a new version of QUIC. [I-D.ietf-quic-transport] specifies
requirements for the cryptographic handshake as currently realized by
TLS1.3 and described in a separate specification [I-D.ietf-quic-tls].
This split is performed to enable light-weight versioning with
different cryptographic handshakes.
9. IANA Considerations
This document has no actions for IANA.
10. Security Considerations
See the security considerations in [I-D.ietf-quic-transport] and
[I-D.ietf-quic-tls]; the security considerations for the underlying
transport protocol are relevant for applications using QUIC, as well.
Application developers should note that any fallback they use when
QUIC cannot be used due to network blocking of UDP SHOULD guarantee
the same security properties as QUIC; if this is not possible, the
Kuehlewind & Trammell Expires September 9, 2017 [Page 5]